In addition to finding a new managing director and awaiting the prosecution of its most recent one, the IMF now has a serious cybersecurity breach to deal with. The New York Times reported over the weekend that the organization had been hit by "a large and sophisticated cyberattack whose dimensions are still unknown." The fund declined to provide details to the Times about the nature of the breach, but it was apparently serious enough that the World Bank immediately severed its computer links to the IMF. But besides Dominique Strauss-Kahn's emails, what's worth stealing from the IMF?
Not as much as there used to be, but still potentially a lot. The IMF now makes a lot of information public that used to be kept secret, such as the terms of loan arrangements with recipient countries. But as with the State Department cables released by WikiLeaks last year, the juicy material may not be so much what policies the IMF is following toward given countries as how it's talking about them in private.
The minutes of IMF executive board meetings are not made public until several years after they take place. Meetings of the board presumably include candid discussions about the financial solvency of countries requesting bailouts. In both meeting minutes and informal remarks over email, officials often discuss countries' internal politics and economic policies in terms they would never use in public documents. It's not exactly unheard of for countries to misrepresent their economic data. If IMF officials were shown to be privately questioning member countries' official figures, it would certainly have the power to move markets.
Like any multilateral organization, IMF members also seek to push their own interests, and it's certainly possible that major shareholders like the United States and Britain may advocate for more favorable loan terms for allies. Again, this isn't exactly secret, but it isn't the sort of thing governments want to see dissected in the media.
Of course, not all cyberattacks are aimed at stealing information or orchestrating WikiLeaks-style data dumps. Sometimes, they're just done to prove a point -- as in the recent attacks by the mysterious group LulzSec on Sony, Fox News, PBS, and others. In fact, just two weeks ago, the IMF received a threat from the "hacktivist" collective Anonymous in retaliation for the fund's activities in Greece. "The overreaching powers of the European Union (EU) and the IMF will not go unnoticed or unopposed by the global community who stand in solidarity with their brothers and sisters of Greece," read a statement attributed to the group.
Despite the threat, there's no indication that the recent attack was carried out by Anonymous. One hacker advising the U.S. Department of Homeland Security told Reuters that the intruder was likely working on behalf of a nation-state looking to steal sensitive information for economic advantage or to simply embarrass the organization.
With an organization as controversial as the IMF, the list of suspects is long. On the other hand, it's not as if a country could exactly issue a news release containing secret IMF data (though it could potentially invest in a country about to receive a loan). This may turn out to be a case in which using the information may prove just as difficult as stealing it.
Thanks to James Vreeland, associate professor of foreign service and government at Georgetown University.